How to perform Android Application Penetration Testing

In this project, you will learn about how to find vulnerabilities in the Android applications. This project will cover the basics introduction of Android Penetration for beginners and learn the tools and techniques of the industry. This project is focus on Android Architecture, Android Application Pentesting with Owasp top 10 Mobile Risk, Reversing android application, Static and Dynamic Analysis of android.

Overview

Introduction

This tutorial will cover the basics introduction of Android Penetration for beginners and learn the tools and techniques of the industry. You will learn how to find vulnerabilities in android applications.

What are the requirements?

32bit/64bit PC with minimum 4Gb Ram, core i3 processor and 500Gb of storage. 
VMware Workstation 
Android Tamer Linux OS for Android Penetration Testing 
Basic knowledge of Owasp top 10 Mobile Risk 
Good Internet Connection

What is the target audience?

Someone with basic hacking experience and for beginner guide how to find Vulnerabilities in android Applications.

Project Outline

Session 1: Getting Started with Android Security

Android Introduction and architecture
Owasp top 10 Mobile Risk

Session 2: Setting Up the Environment

Setting up Environment in Windows and VMware Workstation.

Session 3: Mobile Applications Threats

Insecure file Storage
Path/Directory Traversal Vulnerability
Local File Inclusion
Remote File Inclusion
Client-Side Injection Attacks
Password Brute Force
Unauthorized Dialing, SMS & payment
OWASP Mobile Top 10
Unsafe Sensitive Data Storage

Session 4: Static and Dynamic Analysis of Android Applications

Static Analysis
Dynamic Analysis

Session 5: Tools used for Android Penetration Testing.

Android Tamer
Mobsf
Burp Suite
Apk tool

Session 6: Reverse Engineering.

Reverse Android Applications using Apk tool.